Bonum Certa Men Certa

Links 9/9/2021: GNOME 41 RC and GStreamer 1.18.5



  • GNU/Linux

    • Desktop/Laptop

      • In Search of Linux Laptops? Check these 6 Places to Get Your Laptop in 2021

        Are you in search of Linux laptops? This article takes you through 6 different places that offer the best Linux laptops. So get prepared to choose your Linux laptop in 2021.

        [...]

        Slimbook is well known for its thin, rigid, and light durable laptops starting at a reasonable price of €930 (approx $1,075). These come with a nice screen, solid battery life, powerful CPU, and very good speakers.

        This brand is from Spain. Slimbook came ahead of its competitors launching the first KDE laptops.

        Slimbook brings laptops with a good variety of popular Linux distros, such as KDE Neon, Ubuntu, Ubuntu MATE, Linux Mint, Kubuntu. Additionally, their laptops have two Spanish Linux distros – Max and Lliurex. You can choose Windows OS as well with their laptops, but for that, additional costs are there.

        Slimbook offers desktop systems too. So, if you ever need desktops, check it here.

    • Server

    • Audiocasts/Shows

      • FLOSS Weekly 646: Atomic Jar and Testcontainers - Richard North

        Richard North was the dog that caught the bus when all of a sudden his open source project, Testcontainers, took off, and now has more than a million monthly downloads and developers using it at Netflix, Uber, Spotify, Google and other settings large and small. Doc Searls and Dan Lynch talk with Richard about how he caught the bus he ended up driving, how he set up Testcontainers.org, stood up Atomicjar.com as a running business backed by smart capital, and put learnings to use through a six-year journey that includes a worldwide pandemic that is changing development for everyone.

      • mintcast 369 – Cache Flushing

        1:49 The News 27:48 Security Update 32:18 Bi-Weekly Wanderings 1:01:28 Announcements & Outro

        First up in the news Linux Mint is ready for the facelift, Snaps get an upgrade, Kernel 5.14 is out, and 5.15 is looking good, and Ubuntu gets a release date

        In security cache flushing and Bluetooth flaws

        Then in our Wanderings Joe pines a phone with plasma, Tony walks 500 miles, and I search for a keyboard

      • Steamy PostgreSQL Shower | Coder Radio 430

        We are coming in hot, literally. It's a day of spicy takes.

    • Kernel Space

      • AMD Has An Important Suspend/Resume Fix With Linux 5.15 - Phoronix

        Since last year AMD has been working to get its s2idle / suspend-to-idle S0ix sleep state code in order for supporting this lowest power platform idle state on newer AMD laptops and there has also been other AMD suspend/resume improvements in recent times. Now with the Linux 5.15 kernel cycle is an important fix for the AMD s2idle code.

        Stemming from a user reporting incorrect resume from suspend with an HP ENVY X360, Linux 5.15 has a fix for it and other laptops facing a similar problem. The original issue was resuming from suspend would yield the power LED not working, some keys like brightness controls not working, and the cooling fan not spinning up even under load. Yeah, that's quite a poor Linux laptop experience.

      • Amazon's DAMON Merged Into Linux 5.15 For Data Access Monitoring Framework - Phoronix

        he DAMON kernel functionality developed by Amazon engineers has successfully landed in the Linux 5.15 tree.

        As part of the 147 patches herded into the kernel today by Andrew Morton, the most notable addition is the merging of the DAMON functionality.

      • Linux kernel 5.15: NTFS support gets a significant boost - TechRepublic

        The Linux kernel has included NTFS support for some time. However, up until now, working with NTFS filesystems on Linux has been a bit of a headache. One of the biggest issues with NTFS support in the Linux kernel to date has been fully functioning read/write support. The old captive NTFS driver hasn't been maintained for quite a while, and the NTFS-3G driver from Tuxera is far too slow for acceptable use (especially for enterprise use cases). So, a new driver has been needed for some time.

    • Benchmarks

      • Ubuntu 21.10 Delivering Some Performance Gains On The Intel Core i9 11900K - Phoronix

        For those wondering how the upcoming Ubuntu 21.10 release is looking for Intel "Rocket Lake" owners, here are some Ubuntu 21.04 versus 21.10 development benchmarks across dozens of different tests.

        With last month running some early Ubuntu 21.10 benchmarks on AMD Ryzen 9 5950X, the focus this time around with the latest Ubuntu 21.10 development build as of testing was for any performance changes on the Intel Core i9 11900K front.

    • Applications

      • Apps for daily needs part 5: video editors

        Video editing has become a popular activity. People need video editors for various reasons, such as work, education, or just a hobby. There are also now many platforms for sharing video on the internet. Almost all social media and chat messengers provide features for sharing videos. This article will introduce some of the open source video editors that you can use on Fedora Linux. You may need to install the software mentioned. If you are unfamiliar with how to add software packages in Fedora Linux, see my earlier article Things to do after installing Fedora 34 Workstation. Here is a list of a few apps for daily needs in the video editors category.

      • GStreamer 1.18.5 stable bug fix release

        The GStreamer team is pleased to announce another bug fix release in the stable 1.18 release series of your favourite cross-platform multimedia framework!

        This release only contains bugfixes and important security fixes, and it should be safe to update from 1.18.x.

    • Instructionals/Technical

      • Linux ls Command List and Sort Files by Size

        A directory in a Linux system can hold from a few files to hundreds and thousands of files.

        You may need to sort the files by size, either in ascending or descending order. The reason for sorting files by size may vary. We may want to locate the largest to smallest files or vice versa.

        You can easily sort files using the ls command.

        In this tutorial, we’ll cover the various ways of sorting files by size using the ls command.

        In our examples we’ll sort files in the /var/cache/apt/archives directory.

      • Share files with your client using ProjectSend

        ProjectSend is an open-source self-host file sharing platform for companies, teams and communities.

        It is an ideal solution if you want to share files with your clients. Let's say you are a designer who shares dozens of files with his clients every day, with ProjectSend you can do this effortlessly and without a hassle.

      • Discover your cluster logfiles - A journey into the past. | SUSE Communities

        Log files are very useful when it comes to situations where the root cause of an event has to be investigated. But analyzing logs does not only mean looking for errors in the system. There are also a lot of other informations in most of the log files. The pacemaker log file is a perfect example. Beside warnings and errors it includes also all cluster changes. The trick is to know which keywords you have to search for.

      • Set the order of task execution in Ansible with these two keywords | Enable Sysadmin

        Regular readers of Enable Sysadmin know that most of us are big fans of Ansible. We particularly like using Ansible roles to design reusable code effectively. A playbook follows a specific execution order when it runs, and there are several ways to control the order in which your tasks run. In this article, I'll look at two particularly useful Ansible features, pre_tasks and post_tasks. I'll walk you through some real (and simple) examples of how these features can add additional flexibility to your playbooks by executing tasks at different points during a playbook run.

      • Debug a web page error from the command line | Opensource.com

        Sometimes when managing a website, things can get messed up. You might remove some stale content and replace it with a redirect to other pages. Later, after making other changes, you find some web pages become entirely inaccessible. You might see an error in your browser that "The page isn't redirecting properly" with a suggestion to check your cookies.

      • Try Fusion-360 by installing on Ubuntu 20.04 LTS Linux using Wine

        “Fusion 360” is a CAD / CAM program from Autodesk, which is known for 3D modeling software. Although it is a paid graphic design software, students and schoolchildren can download the professional program for Windows and Mac free of charge. With this professional tool, you can design mechanical components and master a wide variety of tasks in product design. You can render your drafts, create animations, and – thanks to cloud support – helps to work in collaboration.

      • How to install Clone Hero on a Chromebook

        Today we are looking at how to install Clone Hero on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

      • How to list all installed packages on OpenSUSE/SUSE Linux - nixCraft

        So you want to see a list of all packages installed on your SUSE Linux or OpenSUSE Linux system? Try these simple tips for listing all packages.

        We can easily search for packages matching any given search text/words under OpenSUSE or SUSE Enterprise Linux using the zypper command.

      • How To Find OpenSuse / SUSE Linux Version Using CLI - nixCraft

        How do I find out my Suse Linux / OpenSuse Linux / Suse Enterprise Linux server/desktop version using the command line options? What is the command to find out OpenSUSE Linux version?

        This page explains how to find SUSE or OpenSUSE Linux version using the cat command and other commands.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

      • GNOME Desktop/GTK

        • GNOME 41 Release Candidate Arrives With Many Improvements

          Ahead of the official GNOME 41 release later this month, the release candidate is now available to facilitate more testing.

          The GNOME 41 release candidate "41.rc" packages are now available for testing and GNOME developers have also put together a new "GNOME OS" release using these bleeding-edge packages to help in testing and for developers wanting to port extensions and other work around GNOME 41.

        • GNOME 41.RC is now available!

          Hi,

          GNOME 41.rc is now available. Remember this is the end of this development cycle; enjoy it as fast as you can, the final release is scheduled for this coming week!

          The corresponding flatpak runtimes have been published to Flathub. If you'd like to target the GNOME 41 platform, you can test your application against the 41beta branch of the Flathub Beta repository.

          An installer image (built from scratch using freedesktop-sdk 21.08 as a base) is also available for testing and porting extensions:

          https://os.gnome.org/download/41.rc/gnome_os_installer_41.rc.iso

          This is meant to be installed in a virtual machine with EFI support (such as the GNOME Boxes version available on Flathub). You can also try to install it on bare metal but be warned that hardware support is very limited (join #gnome-os channel at irc.gnome.org if you are interested).

          We remind you we are string frozen, no string changes may be made without confirmation from the l10n team (gnome-i18n@) and notification to both the release team and the GNOME Documentation Project (gnome-doc-list@).

          Hard code freeze is also in place, no source code changes can be made without approval from the release-team. Translation and documentation can continue.

          If you want to compile GNOME 41.rc, you can use the official BuildStream project snapshot. Thanks to BuildStream's build sandbox, it should build reliably for you regardless of the dependencies on your host system:

          https://download.gnome.org/teams/releng/41.rc/gnome-41.rc.tar.xz

          The list of updated modules and changes is available here:

          https://download.gnome.org/core/41/41.rc/NEWS

          The source packages are available here:

          https://download.gnome.org/core/41/41.rc/sources/

    • Distributions

      • New Releases

        • Whonix 16 available, an anonymous Linux OS

          The release of the Whonix 16 distribution kit , aimed at providing guaranteed anonymity, security and protection of private information, took place. Whonix boot images are built to run under the control of the KVM hypervisor . Builds for VirtualBox and for use on the Qubes operating system are delayed (while Whonix 16 test builds continue to ship). The developments of the project are distributed under the GPLv3 license.

          The distribution is based on Debian GNU / Linux and uses Tor to ensure anonymity. A feature of Whonix is ​​the division of the distribution into two separately installed components – Whonix-Gateway with an implementation of a network gateway for anonymous communications and Whonix-Workstation with a desktop. Both components ship inside a single boot image. Access to the network from the Whonix-Workstation environment is made only through the Whonix-Gateway, which isolates the work environment from direct interaction with the outside world and allows only fictitious network addresses to be used. This approach protects the user from leaking the real IP address in the event of a hacked web browser or even exploiting a vulnerability that gives an attacker root access to the system.

          [...]

          If desired, the user can use only Whonix-Gateway and connect through it their usual systems, including Windows, which makes it possible to provide anonymous logoff for workstations already in use.

        • Kali Linux 2019.4 Release (Xfce, Gnome, GTK3, Kali-Undercover, Kali-Docs, KeX, PowerShell & Public Packaging)

          We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4, which is available immediately for download.

          [...]

          There are a ton of updates to go over for this release, but the most in your face item that everyone is going to notice first are the changes to the desktop environment and theme. So let’s cover that first.

      • IBM/Red Hat/Fedora

      • Debian Family

      • Canonical/Ubuntu Family

        • Canonical announces new Anbox Cloud Appliance on AWS Marketplace - TechRepublic

          Canonical, the publisher of the open source Ubuntu operating system, announced Wednesday the availability of the Anbox Cloud Appliance in AWS Marketplace. The appliance allows Android developers to go from prototype to production.

          The Anbox Cloud Appliance is a scaled down version of Canonical's Anbox Cloud, which developers use for rapid prototyping and gives them access to a more extensive set of instance types, including support for Arm CPUs and NVIDIA GPUs than the appliance does.

    • Devices/Embedded

      • Tiny Gemini Lake mini-PC supports Linux

        XDO Tech has Kickstarter’ed a tiny, $149-and-up “Pantera PicoPC” mini-PC that runs Linux or Win 10/11 on a quad-core Gemini Lake CPU and offers up to 8GB LPDDR4, an SSD, 802.11ax/BT, HDMI, 3x USB 3.0, USB 2.0, and Type-C power with an optional battery.

        XDO Tech has gone to Kickstarter to successfully launch a fan-cooled, 69 x 69 x 53mm mini-PC equipped with a Gemini Lake Refresh — Intel’s Atom-class follow-on to Apollo Lake. The Pantera PicoPC starts at $149 for a Super Early Bird model with 4GB LPDDR4 and 64GB eMMC. There is also a $179 Super Early Bird with 8GB RAM and a 256GB M.2 SSD. Other 8GB RAM packages supply 512GB ($212) and 1TB ($250) SSDs. The campaign runs through Oct. 3 and shipments are expected in November.

      • Onyx Boox Note 3 Is A Powerful Android Ebook Reader

        Ebook readers have been on a steady rise in recent years, with people moving away from traditional book reading into the digitalized experience for many reasons: Saving budget & space, getting more comfort while reading for long hours and also unlocking access to better features than the normal reading process (E.g note taking, sharing, highlighting, PDF files access anywhere… etc).

        Amazon’s Kindle is the most famous e-reader by far, however, it is not alone. There have been many new competitors in the market with much better features for avid readers who would like to fully unlock the potential of their ebook reading experience.

        Today we’ll talk about the Onyx Boox Note 3 e-reader, which is powered by Android, as a possible e-reader that you can buy if you are from this niche. Although a bit far from our typical publishing line in FOSS Post, a small change in the mood is never harmful (Let alone that it is powered by Linux, so not that far actually).

      • Open Hardware/Modding

        • Custom Joystick Build Guide Should Point You In The Right Direction | Hackaday

          Over the last two years, [benkster] has been perfecting their ideal flight controller. Like many people, they started out with a keyboard and mouse and eventually moved on to a joystick. While a HOTAS (hands on throttle-and-stick — e.g. a yoke controller with inputs right there on the sides) might have been the next logical step, those things cost too much. Naturally, the answer is to build one, ideally for less money. Hey, it could happen.

        • Arduino Powered Heat Pump Controller Helps Warm Your Toes | Hackaday

          Heat pump heating technology is starting to pop up more and more lately, as the technology becomes cheaper and public awareness and acceptance improves. Touted as a greener residential heating system, they are rapidly gaining popularity, at least in part due to various government green policies and tax breaks.

          [Gonzho] has been busy the last few years working on his own Arduino Powered Open Source heat pump controller, and the project logs show some nice details of what it takes to start experimenting with heat pumps in general, if that’s your game. Or you could use this to give an old system a new lease of life with an Arduino brain transplant.

        • 25-key ESP32 Touch Matrix makes good use of ESP32’s touch sensor interface

          Besides the addition of Bluetooth, there are many differences between ESP8266 and ESP32 and one of the lesser-known interfaces may be ESP32’s touch sensor interface.

          India-based Electro Point’s ESP32 Touch Matrix makes good use of the touch sensor interface with 25 touch pads arranged in a 5×5 matrix creating a wireless keypad that could connect over WiFi or Bluetooth to a host.

      • Mobile Systems/Mobile Applications

        • Pining For A De-Googled Smartphone

          Last summer in the first swings of the global pandemic, sitting at home finally able to tackle some of my electronics projects now that I wasn’t wasting three hours a day commuting to a cubicle farm, I found myself ordering a new smartphone. Not the latest Samsung or Apple offering with their boring, predictable UIs, though. This was the Linux-only PinePhone, which lacks the standard Android interface plastered over an otherwise deeply hidden Linux kernel.

          As a bit of a digital privacy nut, the lack of Google software on this phone seemed intriguing as well, and although there were plenty of warnings that this was a phone still in its development stages it seemed like I might be able to overcome any obstacles and actually use the device for daily use. What followed, though, was a challenging year of poking, prodding, and tinkering before it got to the point where it can finally replace an average Android smartphone and its Google-based spyware with something that suits my privacy-centered requirements, even if I do admittedly have to sacrifice some functionality.

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Hacks.Mozilla.Org: Time for a review of Firefox 92

            Release time comes around so quickly! This month we have quite a few CSS updates, along with the new Object.hasOwn() static method for JavaScript.

          • Will Kahn-Greene: Mozilla: 10 years

            It's been a long while since I wrote Mozilla: 1 year review. I hit my 10-year "Moziversary" as an employee on September 6th. I was hired in a "doubling" period of Mozilla, so there are a fair number of people who are hitting 10 year anniversaries right now. It's interesting to see that even though we're all at the same company, we had different journeys here.

            I started out as a Software Engineer or something like that. Then I was promoted to Senior Software Engineer and then Staff Software Engineer. Then last week, I was promoted to Senior Staff Software Engineer. My role at work over time has changed significantly. It was a weird path to get to where I am now, but that's probably a topic for another post.

      • Programming/Development

        • Dirk Eddelbuettel: RcppSimdJson 0.1.6 on CRAN: New Upstream 1.0.0 !!

          The RcppSimdJson team is happy to share that a new version 0.1.6 arrived on CRAN earlier today. Its release coincides with release 1.0.0 of simdjson itself, which is included in this release too!

          RcppSimdJson wraps the fantastic and genuinely impressive simdjson library by Daniel Lemire and collaborators. Via very clever algorithmic engineering to obtain largely branch-free code, coupled with modern C++ and newer compiler instructions, it results in parsing gigabytes of JSON parsed per second which is quite mindboggling. The best-case performance is ‘faster than CPU speed’ as use of parallel SIMD instructions and careful branch avoidance can lead to less than one cpu cycle per byte parsed; see the video of the talk by Daniel Lemire at QCon (also voted best talk).

        • DevRel for Beginners: What to Know and How to Get Started

          Like many DevRel professionals, Ravi Lachhman began his tech career as a software engineer. He embraced an iterative, trial-and-error approach to development. He also found that he learned best by teaching others.

          “On projects, I would always elect to write documentation and convert to Agile, happy to give presentations and sprint demos,” Lachhman told The New Stack.

          That led to solutions architect and sales engineer positions, which eventually opened the door to his first evangelist role three years ago, a common job title in the DevRel field. Today, Lachhman manages a team of DevRels at Harness, a software-delivery platform company. (He’s hiring, by the way.)

        • The Dark Side Of Package Repositories: Ownership Drama And Malware

          At their core, package repositories sound like a dream: with a simple command one gains access to countless pieces of software, libraries and more to make using an operating system or developing software a snap. Yet the rather obvious flip side to this is that someone has to maintain all of these packages, and those who make use of the repository have to put their faith in that whatever their package manager fetches from the repository is what they intended to obtain.

          How ownership of a package in such a repository is managed depends on the specific software repository, with the especially well-known JavaScript repository NPM having suffered regular PR disasters on account of it playing things loose and fast with package ownership. Quite recently an auto-transfer of ownership feature of NPM was quietly taken out back and erased after Andrew Sampson had a run-in with it painfully backfiring.

          In short, who can tell when a package is truly ‘abandoned’, guarantee that a package is free from malware, and how does one begin to provide insurance against a package being pulled and half the internet collapsing along with it?

        • Commercial LTS Qt 5.15.6 Released

          We have released Qt 5.15.6 LTS for commercial license holders today. As a patch release, Qt 5.15.6 does not add any new functionality but provides bug fixes and other improvements.

        • Rust

          • Rustacean Principles

            As the web site says, Rust is a language empowering everyone to build reliable and efficient software. I think it’s precisely this feeling of empowerment that people love about Rust. As wycats put it recently to me, Rust makes it “feel like things are possible that otherwise feel out of reach”. But what exactly makes Rust feel that way? If we can describe it, then we can use that description to help us improve Rust, and to guide us as we design extensions to Rust.

            Besides the language itself, Rust is also an open-source community, one that prides itself on our ability to do collaborative design. But what do we do which makes us able to work well together? If we can describe that, then we can use those descriptions to help ourselves improve, and to instruct new people on how to better work within the community.

          • Ian Jackson: Wanted: Rust sync web framework

            Please recommend me a high-level Rust server-side web framework which is sync and does not plan to move to an async api.

        • Java

          • Build a Random Password Generator in Java

            Today, we will make a random password generator that makes passwords with random numbers and letters!

            In order to do this we are going to use ASCII. ASCII is a language in which every possible character is represented by a number. This standard ensures that computers can communicate to each other about characters properly.

            This is a more challenging project for beginners, but you certainly have the ability to do it as long as you are familiar with Java concepts such as conditionals, loops, functions, and random numbers.

            Watch the tutorial video to see how we code this game step-by-step and continue reading this post for more details.

  • Leftovers

    • Venice prepares to charge tourists, require booking

      From a control room inside the police headquarters in Venice, Big Brother is watching you.

      To combat tourist overcrowding, officials are tracking every person who sets foot in the lagoon city.

      Using 468 CCTV cameras, optical sensors and a mobile phone-tracing system, they can tell residents from visitors, Italians from foreigners, where people are coming from, where they are heading and how fast they are moving.

    • Hardware

    • Health/Nutrition

      • Vietnamese man jailed for 5 years for spreading coronavirus

        Vietnam jailed a man on Monday for five years for breaking strict COVID-19 quarantine rules and spreading the virus to others, state media reported.

        Le Van Tri, 28, was convicted of "spreading dangerous infectious diseases" at a one-day trial at the People's Court of the southern province of Ca Mau, the state-run Vietnam News Agency (VNA) reported.

    • Integrity/Availability

      • Proprietary

        • TrueConf Introduces Linux-Based Video Collaboration Platform

          TrueConf, an award-winning video conferencing developer, announces the official release of TrueConf Server for Linux. This all-in-one UC platform will enable organizations with Linux-based infrastructure to deploy highly secure video conferencing networks using the ecosystem of TrueConf software and hardware solutions.

          The Linux version of TrueConf Server ensures the same security, quality, and feature set as its counterpart for Windows. With this cross-platform software solution, users can run unlimited UltraHD events with up to 1,000 participants at a time, from any location and device.

        • Pseudo-Open Source

          • Openwashing

            • Facebook Opens Up CacheLib As Their New Caching Engine - Phoronix

              Facebook last week formally announced CacheLib as their new open-source caching engine designed for web scale services and to make for effective non-volatile memory caching to offset the increasing costs of DRAM.

            • Not All Of The IBM POWER10 Firmware Is Currently Open-Source

              Power E1080 server as their first in a new family of servers based on the IBM POWER10 processor. Sadly though not all of the POWER10 firmware is open-source.

              While POWER9 was big for open-source fans with the formation of the OpenPOWER Foundation and Raptor Computing Systems designing POWER9-based systems that are fully open-source down to schematics and the motherboard firmware, the same can't be currently said about POWER10.

              Raptor Computing Systems previously hinted that it might not be all rosy for POWER10 when it comes to open-source and at least for the initial rollout, it does appear to be that way.

        • Security

          • HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack

            A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks.

          • Vulnerability Could Expose HAProxy to HTTP Request Smuggling Attack | eSecurityPlanet

            A critical vulnerability discovered in the open-source load balancer and proxy server HAProxy could enable bad actors to launch an HTTP Request Smuggling attack, which would let them bypass security controls and gain unauthorized access to sensitive data.

            Researchers with JFrog Security uncovered the vulnerability, CVE-2021-40346, during their regular searches for new and previously unknown vulnerabilities in popular open-source projects. HAProxy fits into that category.

          • Outdated Linux Versions, Misconfigurations Triggering Cloud Attacks: Report [Ed: This is not about Linux but software that runs on it; it's like blaming Photoshop holes on "Windows"]

            The "Linux Threat Report 2021 1H" from Trend Micro found that Linux cloud operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive threats that exist in the Linux landscape.

            This latest threat report, released Aug. 23, provides an in-depth look at the Linux threat landscape. It discusses several pressing security issues that affect Linux running in the cloud.

          • Security Risks of Relying on a Single Smartphone

            Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the SIM, which was oddly the best possible outcome, given the circumstances. Using the data to steal money would have been much worse.

          • ClamAV 0.104.0 introduces LTS program - itsfoss.net

            The developers have announced the project’s blog a new Long Term Support (LTS) program on as part of an update of their End-of-Life (EOL) policy. The LTS program begins retrospectively with the last major version, ClamAV 0.103. The new LTS policy extends the lifespan from 0.103 to September 2023. LTS editions are supported for a minimum of three years.

            Each LTS version is supported with critical patch versions and access to signature updates for the duration of the three-year support period. A new LTS feature release is presented approximately every two years. Non-LTS releases are supported with critical patch versions for at least four months from the original release date of the next feature release or until the release of the next feature release. For detailed information on the Long Term Support Program, see the LTS Announcement blog post and the LTS Policy in the online documentation.

          • Best File and Disk Encryption Tools For Linux

            Most of us are familiar with Microsoft Windows or macOS - these OSes dominate the personal computing space. But the OS that is taking over the world isn’t owned by Microsoft, Apple, or any tech company for that matter. In fact, the most popular OS in the world today isn’t owned by anyone. It’s the completely open-source Linux operating system.

            [...]

            GnuPG, also known as GPG, is a unique hybrid encryption tool that not only employs conventional symmetric-key cryptography but also uses public-key cryptography. This two-prong approach to encryption helps speed up the encryption process without compromising OS security.

            GnuPG is popular among journalists who use the tool to encrypt important documents and protect the identities of their sources.

          • Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

            Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • Zoho Releases Security Update for ADSelfService Plus | CISA

            Zoho has released a security update on a vulnerability (CVE-2021-40539) affecting ManageEngine ADSelfService Plus builds 6113 and below. CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine ADSelfService Plus is a self-service password management and single sign-on solution for Active Directory and cloud apps. Additionally, CISA strongly urges organizations ensure ADSelfService Plus is not directly accessible from the internet.

          • Privacy/Surveillance

            • This Contact Tracing Has A Major Exploit - Invidious

              I've uncovered a massive exploit in the contact tracing system used in South Australia and so far the SA Health has done absolutely nothing to fix it, I told them I'd publish this if it didn't get fixed so here we go.

    • Civil Rights/Policing

      • U.S. condemns Russia's detention of Crimean Tatar leader, 45 others

        The United States on Sunday strongly condemned what it said was Russia's detention at the weekend of the deputy leader of the main representative body of Crimean Tatars and at least 45 other members of the ethnic group.

        A State Department statement said Nariman Dzhelyalov, deputy chairman of the Crimean Tatars' Mejlis, was detained on Saturday by Russian occupation authorities in Crimea. It said at least 45 other Crimean Tatars had also been detained.

      • Bolsonaro’s Pro-Coup September 7 Rally Is Brazil’s January 6

        With his reelection prospects dimming, Bolsonaro’s supporters are ramping up their version of the pro-Trump rally that led to the Capitol riot.



Recent Techrights' Posts

'Tech' Gimmicks Are for Advertising, Not for Usability
In the case of Microsoft, they latched onto slop
BetaNews Sacked Brian Fagioli and Deleted His Comments, But He Still Tries to Use the "BetaNews" Brand for Self-Affirmation
Fagioli takes the work of other people
[Meme] Hard to Be a Better Person?
Sooner or later they'll realise that for each pound I spend they need to spend about 1,000 times more
New US Editor for The Register is a Microsoft Booster
"Avram Piltch has served as US editor for The Register since July 2025."
Reda Demanded That FSF Removes Its Founder, Now Reda Works Directly for Microsoft
A sellout and a traitor, first working for GAFAM, now Microsoft
PCLinuxOS is Raising Money to Support Development After Fire Incident at the Host
PCLinuxOS has not had announcements lately
Over 3 Months Later Brett Wilson LLP Still Unable to Recruit a Media Lawyer?
"Immediate start", but not found... still unfilled
Microsoft is Trying to "Pull a Nokia" on GNU/Linux as Desktop/Laptop Platform
We all remember that rather well, don't we?
 
Informa TechTarget's ITProToday is Becoming a Slopfarm Generated by Microsoft Chatbots
Busted.
The LLM Con Artists Are Highly Destructive
Who will ever be held accountable for this scam?
Too Bribed by Microsoft to Move to Free Software?
Microsoft lies and Microsoft bribery (in politics)
Microsoft Hiring European Politicians is Another Form of Bribery; There Should be a European Investigation
When Microsoft bribed people in Europe for OOXML (there's no denying this!) a European government delegate said that Microsoft operated like a cult
Speed of the Site Should be Better Now
The "bot attacks" impact the speed of the sister site too
Getting More From AnalogNowhere
Recently we used many images from AnalogNowhere
Microsoft, Microsofters and 'Secure' Boot Shills Already Storming the LWN Report About Expiring Certificate, Shooting the Messenger
LWN has clearly stuck a nerve
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 23, 2025
IRC logs for Wednesday, July 23, 2025
Disable "Secure" Boot Today (the Only Better Time to Do So Was Yesterday)
Don't trust anything Red Hat tells you about security
Links 23/07/2025: Windows Killed Company After 150+ Years, US Government Mimics Russia's Attacks on the Media
Links for the day
Freedom Generally Wins at the End, History Shows (But It's Constantly Attacked, Too)
At the moment people realise "Linux" (e.g. Android) isn't enough to guarantee any freedoms
“Inhumane” and “Disgusting” Mass Layoff Execution, According to Microsoft Staff
The workers are looking for other places to work
Misinformation is Not Intelligence
It's low-grade plagiarism and it fails to show any signs of intelligence
The Free Software Foundation (FSF) Has a New Slogan for Its 40th Anniversary
The freedoms are what's most important
LLM Slopfarms gbhackers.com, "Cyber Press" and CyberSecurityNews Are Drowning Google News (and Shame on Google for Feeding and Facilitating Them)
All are run by the same people
Links 23/07/2025: Droplets GUI Patent Monopoly Challenge, Nokia Leverages Illegal Patent Court Against Rivals
Links for the day
Gemini Links 23/07/2025: Community in Geminispace and Challenges With Old Computers
Links for the day
Links 23/07/2025: Slop Patents Tackled, Slop Copyright Misuses Tackled by Politicians
Links for the day
Our Three Lawsuits Against Microsofters Are About to Become a Lot More Relevant to GNU/Linux
The Master will easily understand why Garrett has been attacking me since 2012
Links 23/07/2025: Retreating From Transparency on Jeffrey Epstein, We No Longer Have Press Freedom
Links for the day
Gemini Links 23/07/2025: Piano and Food
Links for the day
New and Old
On Ageism in Tech
Slop Is Not Intelligence and It Does Not Enhance Productivity
Like voice dictation, which cannot tell the difference between "sheet" and "shit"
EPO Crimes Are Spreading to the British Court System
Society is now paying the price for failing to tackle crimes at the EPO
It's Time to Dump SharePoint and Here's What to Use Instead
Nextcloud, ownCloud, Bookstack, MediaWiki, and MediaGoblin
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 22, 2025
IRC logs for Tuesday, July 22, 2025
Brett Wilson LLP Has Gone Silent
Sometimes silence says more than nothing at all
Slopwatch: LinuxSecurity, Planet Ubuntu, and LinuxTechLab
some slopfarms show no remorse and they don't value their reputation at all
Links 23/07/2025: Book Bans, Storms, and Kangaroo Court for Patents Commits More Unlawful Acts of Overreach
Links for the day
Gemini Links 22/07/2025: Thinkpad and Pinephone
Links for the day
Links 22/07/2025: "Blog Restart" and Microsoft Clobbered by “ToolShell"
Links for the day
Global Warming and Global GAFAM Energy-Wasting
Burn more money (borrowed, loans), then hope the waste will somehow translate into profit?
No Compliance With the European Patent Convention (EPC) at the European Patent Office (EPO)
It's about preventing competition against this autocracy
Blue-Collar Trolls vs White-Collar Trolls
Examples of white-collar trolls
Apple Vision Pro Failed So Badly That Its Sales Are About 2,000 Times Smaller Than iPhone Sales
What's left for Apple to offer other than hype?
To Millions of People "Year of the Linux Desktop" Was Some Time in the 1990s (Bootable GNU/Linux as a Complete Operating System is Over 33 in Age)
In some sense, "year of the Linux desktop" was 33 years ago
Make No Assumptions (or Demands) About the Screen Resolution Used by Other People
There are usability aspects, aside from accessibility aspects
Why Wayland (and XWayland) Won't Solve the Key Problem It Proclaims to be Tackling (the Same Is True for Rust)
The problem isn't Wayland per se but the false promises and efforts to force everybody to move to it whilst insulting or demonising everyone who won't play along
They Don't Tell Us that 'Digitalisation' (Now Sold as "Hey Hi") Just Means Customers Become Unpaid Staff and Are Made Accountable
People are being conditioned to associate technology with something undesirable, at times even unbearable
Diplomatic Immunity Should Not Exist for Anybody
The EPO in its current form gradually 'normalises' the end of European democracy
Brett Wilson LLP Stopped Sending Me Papers When I Showed It had Sent Me Over 5 Kilograms of Legal Papers
A week ago we lodged our third lawsuit
Microsoft Mass Layoffs and Shutdowns Became the New Normal at Microsoft
Microsoft mass layoffs became a topic of everyday media coverage since May
Amazon Web Services (AWS) Has Layoffs and Microsoft Gaming/Entertainment Division Has an Uncertain Future
it's good to see all those horrible things crashing and burning
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 21, 2025
IRC logs for Monday, July 21, 2025
FSF "Raised Almost $139,000 During This Summer Campaign"
"Thank you for making a stand against dystopia!"
Gemini Links 22/07/2025: VPS Exploited and Fear of View
Links for the day